-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 24 Sep 2021 15:37:51 +0200 Source: tomcat9 Architecture: source Version: 9.0.53-1 Distribution: unstable Urgency: medium Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org> Changed-By: Markus Koschany <apo@debian.org> Closes: 982961 987179 Changes: tomcat9 (9.0.53-1) unstable; urgency=medium . * Team upload. * New upstream version 9.0.53. - Drop security patches. Fixed upstream. - Fix CVE-2021-41079: Apache Tomcat did not properly validate incoming TLS packets. When Tomcat was configured to use NIO+OpenSSL or NIO2+OpenSSL for TLS, a specially crafted packet could be used to trigger an infinite loop resulting in a denial of service. * Declare compliance with Debian Policy 4.6.0. * Set the fileOwner of catalina.out to tomcat explicitly. Thanks to Adam Cecile for the report. (Closes: #987179) * Refresh 0021-dont-test-unsupported-ciphers.patch * tomcat9.cron.daily: Set maxdepth to 1 so that log files of custom applications in subdirectories of /var/log/tomcat9 are not compressed. Thanks to Ludovic Pouzenc for the report. (Closes: #982961) * Exclude TestJNDIRealmIntegration because of missing dependencies. * d/rules: dh_auto_test override: Set addOSGi to false when building the tests to prevent a FTBFS. Checksums-Sha1: bdf8ff90af8bc7f8ff501580c485a6647c6e8091 2874 tomcat9_9.0.53-1.dsc 18f655144d542da5145e98945f870d6101ab24b7 4019968 tomcat9_9.0.53.orig.tar.xz 77b70213b843c8a01a2d7c848fa9be8e40f72748 35304 tomcat9_9.0.53-1.debian.tar.xz f945176ae39519f8560d294c9ffd28a1b9aa69d5 13580 tomcat9_9.0.53-1_amd64.buildinfo Checksums-Sha256: 69ce0e876fc44bcd8c766fa8d13ab75a536c47b70873cfa807dc3b7c31ed1cb1 2874 tomcat9_9.0.53-1.dsc a8ae88c93825d4a7c73e4bf4096c092be8fea622ade28fb0cb8fe2157d4537dc 4019968 tomcat9_9.0.53.orig.tar.xz be20c481478285abe27ffe06a77ae585784fa689a3bd6331b28e461688dc977b 35304 tomcat9_9.0.53-1.debian.tar.xz 9822b04f9272ae421dbc5528318d982f6af4145411dd539d4876243a722b66d7 13580 tomcat9_9.0.53-1_amd64.buildinfo Files: 96befa3f3b2d2b06d608536d52bac5e1 2874 java optional tomcat9_9.0.53-1.dsc 3f28516011f2bdac1f788a5e45ee00fe 4019968 java optional tomcat9_9.0.53.orig.tar.xz 2fe41f53a2c61bcfdef948e3d98fda93 35304 java optional tomcat9_9.0.53-1.debian.tar.xz a16b703180b85f20f67933d5b18cebb7 13580 java optional tomcat9_9.0.53-1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmFOBK1fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp YW4ub3JnAAoJENmtFLlRO1Hkf8sP/jhZpBsGwWpMe0tn81dgtymfMp0ClTov82n2 Vj8XtMvxRxXDikPHtm1YHlnghm9D25zIHp5Q06ZjmRb5fgd3IAU2tLlx72IXd+Tq RkE7FskyBDC7Z5gIGuR7oVctrz/4dwgtTKhGsdzelvTUzkvjClWN2cfFctQbipz0 uIkPNsMCixtRcvzzGSkx5E56hhOXWHiHpUvK4JjBFkx4bpRLJMFk8WS4LkREeTT/ /REfXHNXiwS7gL4GrFS5GAknnfPIYkSqPg8si/59hcKAvQAZrSGqU6s4Af86rzRq El4LzlmVV0+g6CRFh9orcgfaKrEZTNypQMztaLCUPr/4+NDKVesBzwt1D32Jvyut loxQeN3dJC4KX4SS+5eFqsEQAdmSqziGhCXzvG/029Rm2B5KUHZommiyVADSDtuP XS4nsi/L5GWRZHr7+i2fwT026Eaf0xDsiN7oaKi7lNlWp+cUgo33EN6d3SiPWg5p occVTxYcz18ZD4YGbgVeDLR60tTjYpZ74/dhi4mbMr8NofVM+YasSdRrETRGLJGF oEYsuNdBdMS1AIzcbkY/kfcZKwoXnD1hL6xkeKoVSKEJ/2DeCoy4NoYHVul5OMNL vB7KirOzrNQ3uB+y6sFarcEZkW8WGzk+MyCVygnbhvoZg4unjO9z5PkXiGvyt0Me q6v5Gntx =rJDx -----END PGP SIGNATURE-----